-
Notifications
You must be signed in to change notification settings - Fork 11
Add MongoDB Resource Type and Kubernetes Terraform Recipe #51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
panagiotisbellias
wants to merge
17
commits into
radius-project:main
Choose a base branch
from
panagiotisbellias:21-add-k8s-mongodb-recipe-terraform
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from all commits
Commits
Show all changes
17 commits
Select commit
Hold shift + click to select a range
bc74985
Create a MongoDB resource type schema and a matching Terraform Kubern…
panagiotisbellias 3da2afd
Add GitHub Actions workflow that tests MongoDB Recipe (#21)
panagiotisbellias cab47a1
Fix MongoDB Terraform Recipe (#21)
panagiotisbellias 6b69b0c
Fix MongoDB Terraform Recipe (#21)
panagiotisbellias ddc07ce
Fix MongoDB Terraform Recipe (#21)
panagiotisbellias 6372a93
Fix MongoDB Terraform Recipe (#21)
panagiotisbellias 96fa2af
Fix MongoDB Terraform Recipe (#21)
panagiotisbellias 4a34026
Fix MongoDB Terraform Recipe (#21)
panagiotisbellias ba99840
Fix MongoDB Terraform Recipe (#21)
panagiotisbellias 51d65d6
Fix MongoDB Terraform Recipe (#21)
panagiotisbellias 1e200e0
Enhance GitHub Actions workflow that tests MongoDB Recipe (#21)
panagiotisbellias 2b85e6c
Add MongoDB resource type and Kubernetes Terraform recipe (#21)
panagiotisbellias 3e2cf99
Merge branch 'main' into 21-add-k8s-mongodb-recipe-terraform
panagiotisbellias 8dd5049
Apply some PR review's comments before restructuring (#21)
panagiotisbellias b7c07da
Merge branch 'main' into 21-add-k8s-mongodb-recipe-terraform
panagiotisbellias b0e0692
Apply restructuring after PR review (#21)
panagiotisbellias 35b1060
Apply PR review's comments (#21)
panagiotisbellias File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,128 @@ | ||
# MongoDB Kubernetes Recipe (Terraform) | ||
|
||
This recipe provisions a MongoDB instance on Kubernetes using Terraform. It is implemented as a **Radius.Data/mongoDatabases** resource type and can be used in Bicep or Terraform-based applications. | ||
|
||
--- | ||
|
||
## Overview | ||
|
||
The `mongoDatabases` Resource Type provisions a MongoDB database instance on Kubernetes with optional persistence, resource configuration, and admin credentials. | ||
It supports creating the database service, StatefulSet, PVCs (if persistence is enabled), and secrets for credentials. | ||
|
||
--- | ||
|
||
## Recipes | ||
|
||
| Platform | IaC Language | Recipe Name | Stage | | ||
|------------|-------------|---------------------|-------| | ||
| Kubernetes | Terraform | kubernetes-mongodb/main.tf | Alpha | | ||
|
||
--- | ||
|
||
## Recipe Input Properties | ||
|
||
| Variable | Type | Default | Description | | ||
|-------------------|--------|-------------|----------------------------------------------| | ||
| `name` | string | required | MongoDB instance name | | ||
| `version` | string | 6.0 | MongoDB version | | ||
| `replicas` | int | 1 | Number of replicas | | ||
| `storage_size` | string | 10Gi | PVC size | | ||
| `storage_class` | string | standard | Kubernetes storage class | | ||
| `username` | string | admin | Admin username | | ||
| `password` | string | required | Admin password | | ||
| `persistence` | bool | true | Enable persistence (creates PVC) | | ||
| `backup_enabled` | bool | false | Enable backups | | ||
| `backup_schedule` | string | "" | Cron schedule for backups | | ||
| `resources` | object | {} | CPU/memory requests and limits | | ||
|
||
> **Note:** For CI or ephemeral testing, set `persistence=false` to avoid PVC-related delays in Kind clusters. | ||
|
||
--- | ||
|
||
## Recipe Output Properties | ||
|
||
| Property | Description | | ||
|--------------------------|------------------------------------------------------| | ||
| `values.host` | MongoDB service host (read-only) | | ||
| `values.port` | MongoDB service port (read-only) | | ||
| `values.username` | Admin username (read-only) | | ||
| `secrets.password` | Admin password (sensitive, read-only) | | ||
| `resources` | UCP resource IDs for Service and StatefulSet | | ||
|
||
--- | ||
|
||
## Recipe Description | ||
|
||
This Terraform recipe creates: | ||
|
||
1. A Kubernetes **Secret** for MongoDB credentials. | ||
2. An optional **PersistentVolumeClaim** if `persistence=true`. | ||
3. A **ClusterIP Service** for MongoDB. | ||
4. A **StatefulSet** running the specified MongoDB version, replicas, and resources. | ||
5. Optional dynamic volume mounts and PVCs. | ||
6. Outputs exposing connection info and secrets for downstream usage. | ||
|
||
--- | ||
|
||
## Usage Instructions | ||
|
||
### Manual Testing | ||
|
||
1. Apply Terraform: | ||
```bash | ||
terraform init | ||
terraform apply \ | ||
-var="name=mydb" \ | ||
-var="password=MySecretPass123" \ | ||
-auto-approve | ||
``` | ||
|
||
2. Check pod status: | ||
```bash | ||
kubectl get pods | ||
# Ensure test-mongodb-0 is READY=1/1 | ||
``` | ||
|
||
3. Connect to MongoDB: | ||
```bash | ||
kubectl run mongo-client --rm -it --image=mongo -- \ | ||
mongo "mongodb://$(kubectl get svc mydb-svc -o jsonpath='{.spec.clusterIP}'):27017" \ | ||
-u admin -p MySecretPass123 | ||
``` | ||
|
||
4. Verify database operations. | ||
|
||
5. Clean up (optional): | ||
```bash | ||
terraform destroy -var="name=mydb" -var="password=MySecretPass123" -auto-approve | ||
``` | ||
|
||
--- | ||
|
||
## CI / GitHub Actions Testing | ||
|
||
This recipe is automatically tested in GitHub Actions for pull requests and branch pushes. | ||
|
||
- A temporary Kind cluster is created. | ||
- Terraform applies the recipe with `persistence=false` for fast ephemeral testing. | ||
- The workflow waits for MongoDB pods to become ready. | ||
- Terraform destroys the resources and deletes the Kind cluster after the test. | ||
|
||
Workflow file: `.github/workflows/test-mongodb-recipe.yml` | ||
|
||
Example ephemeral test run: | ||
```bash | ||
terraform apply -var="name=test-mongodb" -var="password=MySecretPass123" -var="persistence=false" -auto-approve | ||
kubectl get pods | ||
terraform destroy -var="name=test-mongodb" -var="password=MySecretPass123" -var="persistence=false" -auto-approve | ||
``` | ||
|
||
> Make sure the MongoDB pod shows `READY=1/1` before connecting. | ||
|
||
--- | ||
|
||
## References | ||
|
||
- Radius MongoDB Resource Schema: https://docs.radapp.io/reference/resource-schema/databases/mongodb/ | ||
- Example Kubernetes Recipe: https://github.com/radius-project/recipes/blob/main/local-dev/mongodatabases.bicep | ||
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,102 @@ | ||
namespace: Radius.Data | ||
types: | ||
mongoDatabases: | ||
description: | | ||
The Radius.Data/mongoDatabases Resource Type provisions a MongoDB database instance on Kubernetes using Terraform. | ||
|
||
Start by adding a mongoDatabases resource to your application definition Bicep file: | ||
|
||
resource mongo 'Radius.Data/mongoDatabases@2025-10-01-preview' = { | ||
name: 'mongo' | ||
properties: { | ||
name: 'myMongoDb' | ||
version: '6.0' | ||
size: 'M' | ||
credentials: { | ||
username: 'admin' | ||
password: 'MySecurePassword123' | ||
} | ||
} | ||
} | ||
|
||
Then connect a container to the database: | ||
|
||
resource myContainer 'Radius.Compute/containers@2025-10-01-preview' = { | ||
name: 'myContainer' | ||
properties: { | ||
connections: { | ||
mongo: { | ||
source: mongo.id | ||
} | ||
} | ||
} | ||
} | ||
|
||
The connection automatically injects environment variables into the container for all properties from the database. | ||
The environment variables are named `CONNECTION_<CONNECTION-NAME>_<PROPERTY-NAME>`. | ||
In this example, the connection name is `mongo`, so the environment variables will be: | ||
|
||
CONNECTION_MONGO_NAME | ||
CONNECTION_MONGO_VERSION | ||
CONNECTION_MONGO_USERNAME | ||
CONNECTION_MONGO_PASSWORD | ||
CONNECTION_MONGO_HOST | ||
CONNECTION_MONGO_PORT | ||
|
||
These variables expose the connection details and credentials of the MongoDB instance for use by your application. | ||
|
||
> ⚠️ **Security note:** The `CONNECTION_MONGO_PASSWORD` variable contains sensitive data and should be handled carefully. | ||
Avoid logging or exposing it in application outputs. | ||
|
||
apiVersions: | ||
'2025-10-03-preview': | ||
schema: | ||
type: object | ||
properties: | ||
name: | ||
type: string | ||
description: The name of the MongoDB database instance. | ||
pattern: '^[a-zA-Z0-9\-]+$' | ||
version: | ||
type: string | ||
description: MongoDB server version to deploy. | ||
default: "6.0" | ||
size: | ||
type: string | ||
enum: ['S', 'M', 'L'] | ||
description: | | ||
The deployment size profile for the MongoDB instance. | ||
The Recipe implementation defines replicas, resource limits, and storage class for each size. | ||
|
||
- `S`: Small — development and testing | ||
- `M`: Medium — staging or moderate workloads | ||
- `L`: Large — production or high-availability | ||
default: "S" | ||
credentials: | ||
type: object | ||
description: Database credentials for the admin user. | ||
properties: | ||
username: | ||
type: string | ||
description: Admin username. | ||
default: "admin" | ||
password: | ||
type: string | ||
description: Admin password. | ||
minLength: 8 | ||
required: | ||
- username | ||
- password | ||
host: | ||
type: string | ||
description: "(Read-only) The host name used to connect to the MongoDB database." | ||
readOnly: true | ||
port: | ||
type: integer | ||
description: "(Read-only) The port number used to connect to the MongoDB database." | ||
readOnly: true | ||
required: | ||
- name | ||
- version | ||
- size | ||
- credentials |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.